Upload
others
View
2
Download
0
Embed Size (px)
Citation preview
1
Paranoid Browsing
By Aaron GrotheNEbraskaCERT
2
Parnoid Browsing
● What is Paranoid Browsing?● Why should I Paranoid Browse?● How to be more Paranoid.
3
What is Parnoid Browsing?
● Paranoid browsing is where you want to make sure that you make it harder for people to connect your browsing to you
4
Why Should I Paranoid Browse
● You're looking up something medical that you want to make sure doesn't make it to the googleplex
● You're a whistleblower trying to make sure that something is traced back to you
● You want to learn more about tor or tails● Because you want to and/or Because you can
5
Historical Paranoid Browsing
● This is how I used to do research● Had a machine with two removable drives● Would put drives into both Drives and boot off a cd-rom
then DD the master to the use disk● Shutdown machine remove CD and master drive and
then boot and start browsing
6
Historical Paranoid Browsing (Cont)
● Would use a set of Open Proxies such as Proxies for all to do most of the browsing.
● Rules● Always use at least two proxies in different countries with
different laws and procedures and languages● Pretty simple to do along the lines of
http://firstproxy:portnumber/http://secondproxy:portnumber/http://thirdproxy:portnumber/http://www.sitetoexamine.com
●
7
Historical Paranoid Browsing (Cont)
● Worked pretty well. Harder to find „safe proxies“ nowadays as you never know who is running one
● Has largely been replaced by ToR and VPNs
8
Paranoid Browsing Today
● Will want to use tor (The Onion Router) and a decent VPN for security
● Technically you can get by with tor and a lot of people do or just a VPN
● A VPN is a service provider that you route your traffic through
9
What is TOR?
● TOR (The Onion Router) is a system that promotes internet anonymity and resists censorship
● Initial development sponsored by US Naval Research Lab
● Is constantly being evaluated and improved● You connect to a machine on the tor network and your
traffic is routed through the network and leaves from a different machine
10
3 Systems that use tor
● Whonix – Linux Distro using VirtualBox● Tails – Live Linux Distro● Tor Browser Bundle – Available multiple platforms
(Mac/Linux/Windows)● You can also install tor on your local machine and use it
that way as well
11
Whonix
● System of Two VirtualBox Images (Workstation and Gateway)
● Workstation routes ALL traffic through Gateway so theoritically nothing can go out except via TOR
12
Whonix Pros
● Well segmented into Gateway and Workstation● Theoritically ALL traffic on the workstation goes through
tor on the gateway, allowing tools like IIRC and the like● VirtualBox is free and cross-platform (Windows/Mac OS
X/Linux)
13
Whonix Cons
● Gateway image has KDE on it so is quite a bit bigger than it needs to be
● Relies upon VirtualBox to make sure no traffic is sent out● Using Debian Tools may try to set certain things such as
Timezone which might lead to info leakage
14
Whonix Demo
● Lets do a quick demo of Whonix
15
Tails
● The Amenisiac Incognito Live System● Live CD/USB image for browsing● Fedora Based – routes through TOR
16
Tails Pros
● Easy to use, boot and go● Celebrity endorsement – Supposedly Richard
Snowden's choice of OS
17
Tails Cons
● Supposedly is being actively looked into by the government
● I2P – Invisible Internet Project part has issues and is actively being investigated. Expect it to be dropped soon from Tails
18
Tails Demo
● Lets do a Demo of Tails
19
Tor Browser Bundle
● Software package that combines tor and a browser configured to use it
20
Tor Browser Pros
● Portable can be put on a USB stick● Works cross-platform● Easy to install/use
21
Tor Browser Cons
● Runs on local machine so possible cross-talk● Has had some security issues in the past (flash)
22
Tor Browser Demo
● Lets do a Demo of the Tor Browser Bundle
23
Tor Drawbacks
● Will slow things down quite a bit●
● Base Machine DL 39.59 Mbps/UL: 6.43 Mbps● Whonix: DL 7.23Mbps/UL:5.2Mbps● Tails Unsafe Browser: DL 19.64/Mbsp/UL:6.4Mbps● Tails Tor Browser: DL:7.91Mbps/UL:4.83Mbps● Tor Bundle: DL: 6.4Mbps/UL: 2.8Mbps● Done using speedof.me
24
Tor Drawbacks (Cont)
● Potential False sense of security● Still need to use https as much as possible● Rogue TOR endpoint was used and was able to capture many
passwords as people through http over TOR was sufficent● Potential attacks against tor● Russia is offering 111k for anybody who can crack tor or
weaken it● Some protocols such as Bitttorent's DHT can cause issues
25
Tor Drawbacks (Cont)
● Sabu of Anonymous was supposedly using tor for all of his traffic. The story is one time he didn't use it for IIRC and then the FBI had him
● Potential mathematical attacks of tor. If a sympathetic group got together and could control 1/3 of the tor nodes they would be able to do some statistical analysis against it
26
VPNs
● Finding a good VPN●
● TorrentFreak.com (2014 which VPNs take your Anonymity Seriously)
● - http://torrentfreak.com/which-vpn-services-take-your-anonymity-seriously-2014-edition-140315/3/
27
VPNs
● The VPN is your last line of defense. If you something goes wrong with your tor or something else you are counting on these people to not turn over everything they have on you :-)
● Some take great pains to do things like take cash or bitcoins to make it harder to connect a VPN account to you
28
Most Paranoid Scenario
● Using tails on a machine you paid cash for and don't use anything else
● Go to coffeeshop● Connect to your VPN● Use tor to browse Web● Securely destoy machine when you are done
browsing :-)
29
Couple of Other Cool Things
● https://github.com/grugq/portal● P.O.R.T.A.L Personal Onion Router To Assure Liberty● Uses a commercial router with alternative firmware to
make sure your traffic goes through tor● Got my router Monday but haven't had a chance to get it
setup yet
30
Couple of Other Cool Things (Cont)
● Open Wireless Movement - https://openwireless.org/● EFF project to create a series of open routers. If you run
one you can get the ability to get some plausiable deniablity possibly
● Currently only supports one router type WNDR 3800, based on DDWRT so it should be possible to port to other routers as well
31
Couple of Other Cool Things (Cont)
● Onion PI – Raspberry PI plus tor●
● https://learn.adafruit.com/onion-pi/overview
● Creates a tor wifi hotspot – nice for phones/etc.
32
References
● Historical References●
● Internet Anonymity for Linux Newbies● http://www.theregister.co.uk/2002/08/28/internet_anony
mity_for_linux_newbies/●
● Several other in series as well (good classic knowledge)
33
References
● Books●
● Dragnet Nation by Julia Angwin (Excellent book talking about balance between privacy and conveince)
● Little Brother/Homeland by Cory Doctorow – might as well hit Boing Boing and get your „Deep Surveliance“ button checked
34
References
● Tools Used●
● Whonix – https://www.whonix.org● Tails – https://tails.boum.org● Tor Browser Bundle –
https://www.torproject.org/projects/torbrowser.html.en
35
Other Tools
● Benchmarking Tool●
● SpeedOf.Me – HTML 5 Network Benchmarking tool / doesn't use flash or java
●
● http://Speedof.me